To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.admin.nntpOpen lugnet.admin.nntp in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 Administrative / NNTP / 767
  Re: E-mail authentication during posting
 
"LUGNET Admin" <todd@lugnet.com> wrote in message news:GF40AG.31A@lugnet.com... (...) send (...) This (...) message (...) and (...) What percentage of the news readers allow the use of authenticated NNTP? I know OE does, you simply supply a login (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
 
  Re: E-mail authentication during posting
 
Hello again, just a few seconds ago, I sent my suggestions on how authentication could be made most convenient, but I obviously missed the most integrated and straightforward idea: (...) So, thanks, Daniel, for bringing this up. I would strongly (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
 
  Re: E-mail authentication during posting
 
"Horst Lehner" <Horst_Lehner@mausnet.de> wrote in message news:B7539131.54B6%H...snet.de... (...) be (...) I saw your post, and I like the idea of using digital signatures, but it's not practical for everyone, esp. if their news reader does support (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
 
  Re: E-mail authentication during posting
 
(...) As far as I'm aware, zero. NNTP doesn't do authentication -- it does authorization. That is, if you're authorized to post to the server (after giving your username/password), you can still forge messages in anyone's name. Some server hacks (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
 
  Re: E-mail authentication during posting
 
(...) This was talked about a couple weeks ago already, actually, and I don't really think it's a workable option, unfortunately. -- Todd S. Lehman | LUGNET Admin <todd@lugnet.com> (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
 
  Re: E-mail authentication during posting
 
(...) A public news server that I use allows people to connect and read messages freely, but requires a username/password to post, so it shouldn't be unfeasible to do that here. You'd still need to do some additional checking to ensure the username (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
 
  Re: E-mail authentication during posting
 
"LUGNET Admin" <todd@lugnet.com> wrote in message news:GF4HrG.C3I@lugnet.com... (...) In that case I like Horst's idea of being able to list all posts for a user on a single page and being able to tick the ones to post, tick the ones to delete, and (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
 
  Re: E-mail authentication during posting
 
(...) It's that second part that's tricky. The first part doesn't help, because once logged in as anybody, you can post as anybody else. (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
 
  Re: E-mail authentication during posting
 
(...) Do we have to worry that much about that? I think the primary concern is to have a reasonable way to block posting by unauthorized folks. If you abuse your priviledges, your NNTP ID/password would be revoked. (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
 
  Re: E-mail authentication during posting
 
(...) It's already been proven that revoking priviledges doesn't work. Whatever fix is put in needs to address the problem as much as possible before it gets to the revokation point, IMHO. Sure you can revoke an ID/password but what is to stop them (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
 
  Re: E-mail authentication during posting
 
"Eric Kingsley" <kingsley@nelug.org> wrote in message news:GF4oDv.5ww@lugnet.com... (...) fix (...) to (...) is to (...) you (...) This new system has little benefit over the existing open one if you look at it from the view of being able to block (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
 
  Re: E-mail authentication during posting
 
BTW, I just wanted to also add that I think Todd has done a great job of finding a way to stop the recent hijacking problem, and I hope my comments don't sound like I'm moaning too much. Hopefully these discussions will bring about some new ideas on (...) (23 years ago, 18-Jun-01, to lugnet.admin.nntp)
 
  Re: E-mail authentication during posting
 
(...) But it has to be easy to create a new account -- otherwise, new people would be scared off. So having one of those revoked isn't very meaningful. (23 years ago, 18-Jun-01, to lugnet.admin.nntp)

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR